The question for your library is what is the largest size array that foo should create? Is passing the maximum size of size_t an error? If not then your library can't tell between an erroneous call and a legitimate call that wants a very large array to be created. If you can't tell whether an input is invalid then you should treat it as valid. The users of your library are responsible for catching these errors.